[ubuntu/jammy-security] curl 7.81.0-1ubuntu1.4 (Accepted)
Mark Esler
mark.esler at canonical.com
Thu Sep 1 20:01:31 UTC 2022
curl (7.81.0-1ubuntu1.4) jammy-security; urgency=medium
* SECURITY UPDATE: when curl sends back cookies with control bytes a
HTTP(S) server may return a 400 response
- debian/patches/CVE-2022-35252.patch: adds invalid_octets function
to lib/cookie.c to reject cookies with control bytes
- CVE-2022-35252
Date: 2022-09-01 03:08:31.675670+00:00
Changed-By: Mark Esler <mark.esler at canonical.com>
https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list